| << Back to previous view |
|
[QB-3451] Changing the git password causes failing git operations on existing workspaces
|
|
| Status: | Resolved |
| Project: | QuickBuild |
| Component/s: | None |
| Affects Version/s: | 8.0.38 |
| Fix Version/s: | 9.0.23 |
| Type: | Bug | Priority: | Critical |
| Reporter: | AlSt | Assigned To: | Steve Luo |
| Resolution: | Fixed | Votes: | 0 |
| Remaining Estimate: | Unknown | Time Spent: | Unknown |
| Original Estimate: | Unknown | ||
| Description |
|
We changed the git password recently and had quite a lot failing builds afterwards (or not even builds, because in checking build condition it already failed). The password is also stored in plaintext on the host which is a security risk because the password might leak.
We use https checkouts because distributing the ssh key to 300+ machines is not the best thing and also on Windows it is not that easy to use ssh at all. I would expect Quickbuild to not store the password on the host, because it is a secret in QB. Also that way it would be able to change the password because it is not stored on the host in the gitconfig. |
| Comments |
| Comment by Steve Luo [ 12/Oct/19 01:10 AM ] |
|
Hi,
When password is changed, QuickBuild doesn't start a clean build and that is the reason caused this issue. It will be fixed soon. But to remove password from gitconfig is not possible from QuickBuild side. But you still have options if you really concern the security issue. You can: # Use global insteadof like: git config --global url."https://username:password@github.com/username/repo.git".insteadOf https://github.com/username/repo.git in this way, your password will be only stored in ~/.gitconfig file, and in quickbuild, you needn't specify the username and password any more. |